you can recover the password if you have access to your configuration.php file on your server.

+

you can recover the password if you have access to your configuration.php file on your server.

Open this file and add

Open this file and add

Revision as of 16:44, 12 May 2012

Normally, you can add, edit and delete users and passwords from the back-end User Manager. To do this, you must be logged in as a member of the Super Administrator group.

In some situations, this may not be possible. For example, your site may have been "hacked" and had the passwords or users changed. Or perhaps the person who knew the passwords is no longer available. Or maybe you have forgotten the password that was used.

In these cases, it is still possible to fix up the Joomla! database so you can log back in as a Super Administrator. There are possible methods discussed below.

Contents

In Joomla 1.6 and later

you can recover the password if you have access to your configuration.php file on your server. Open this file and add

public $root_user='myname';

to the list where myname is a username with administrator access that you know the password for.

This user will now be a temporary super administrator.

Login to the back end and change the password of the administrator user you don't have the password for or create a new super admin user. If you create the new user you may want to block the old user depending on your circumstances.

When finished, make sure to go back and delete the added line from your configuration.php file.

If you have no users who know their passwords and you can't utilize front end registration you may need to make a change in your database.

Use the Lost Password Feature 1.5

If you have access to the email address that was used for the admin user, and you have made the "lost password" feature available on the front end, the simplest thing is to do is to use the "lost password" Front-end function. The site will send an e-mail to the user's e-mail address and allow you to change the password. Note: This method will not work in 1.6 or later.

If this method will not work, you have two other options, both of which require working with the MySQL database directly.

Change the Password in the Database

If the admin user is still defined, the simplest option is to change the password in the database to a known value. This requires that you have access to the MySQL database using phpMyAdmin or another client.

Navigate to phpMyAdmin and select the database for the Joomla! site in the left-hand drop-down list box. This will show the database tables on the left side of the screen.

Click on the table "jos_users" in the list of tables (note: you may have a prefix that is not jos_, simply go to the _users table for your prefix).

Click on the "Browse" button in the top toolbar. This will show all of the users that are set up for this site.

Find the user whose password you want to change and press the Edit icon for this row.

A form will display that allows you to edit the password field. Copy the value

d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199

into the password field and press the Go button. phpMyAdmin should display the message "Affected rows: 1". At this point, the password should be changed to "secret".

Log in with this user and password and change the password of this user to a secure value. Check all of the users using the User Manager to make sure they are legitimate. If you have been hacked, you may want to change all of the passwords on the site.

Add a New Super Administrator User

If changing the password won't work, or you aren't sure which user is a member of the Super Administrator group, you can use this method to create a new user.

Navigate to phpMyAdmin and select the database for the Joomla! site in the left-hand drop-down list box. This will show the database tables on the left side of the screen.

Press the "SQL" button in the toolbar to run an SQL query on the selected database. This will display a field called "Run SQL query/queries on database <your database>".

Delete any text in this field and copy and paste one of the following queries and press the Go button to execute the query and add the new Administrator user to the table.

Use the 1.6 query version for a site based upon Joomla 1.6.xx and use the 1.5 query version for a site based upon Joomla 1.5.xx.

NOTE:The following code uses jos_ as the table name prefix which is the Joomla default table prefix If you elected to change this prefix when you first installed Joomla, you will need to change jos_ to the prefix you used.

At this point, you should be able to log into the back end of Joomla! with the username of "admin2" and password of "secret". After logging in, go to the User Manager and change the password to a new secure value and add a valid e-mail address to the account. If there is a chance you have been "hacked", be sure to check that all users are legitimate, especially any members of the Super Administrator group. The examples above change the password to "secret". Two other possible values are shown below:

Warning: The password values shown on this page are public knowledge and are only for recovery. Your site may be hacked if you do not change the password to a secure value after logging in. Be sure you change the password to a secure value after logging in.